Security Engineering - A Guide to Building Dependable Distributed Systems
This excellent reference is available as a series of PDF files which are, while a nice way to sample it, greatly inferior to having a decently published copy on paper.
Excerpts from the Export Control List of Canada (Info on Crypto)
This is an Australian Government report on crypto policy; very illuminating, particularly certain portions that were, at one point, censored.
The report discusses the use of cryptography for data hiding, the impact of this on law enforcement agency actions, and comments on strategies for responding to crypto.
The report is quite balanced in its presentation. While it contains recommendations that "free speech activists" may oppose, it does not "demonize" anyone or anything, and it certainly provides interesting insights as to the workings of law enforcement organizations, and makes interesting comments on the policies set forth by various agencies in other countries such as the US, Britain, and France.
A very good thing to read before popping off a half-baked comment either lambasting evil governments for trying to deny "basic human rights" or demonizing the fools that want to make life easy for terrorists...
HavenCo - The Industry Leader in Colocation Services
This is an internet colocation site sited at The Principality of Sealand. Sealand is a minscule nation founded in 1967 at what used to be a World War II fortress, built by the United Kingdom, several miles out to sea.
They are implementing a "secure data haven" rather resembling that described in Neal Stephensen's novel Crytonomicon.
The true history of Sealand is nearly as colourful as fiction, including both legal and "military" battles, kidnappings, a new "Royal Family," and such.
There is apparently a company selling fake Sealand passports, so that there are reputedly 150,000 fakes, vastly outnumbering the 300 real ones.
IDs--Not That Easy: Questions About Nationwide Identity Systems
National Crime Information Centre Accuracy
Attempts to collect lists of "suspects" for such things as the FBI's "terrorist watch" list lead to a rather immense problem.
Consider, on the one hand, that it seems likely that the number of members of organizations like Al Qaeda within the United States is almost certainly quite small. There may well be a few dozen of them, and some hundreds, or perhaps even some thousands, of probably-actually-dangerous "militia" and others that might realistically be considered would-be terrorists.
On the other hand, there are apparently about 13 million people on the FBI's list. The number of "suspects" are hundreds of thousands as great as the number one would reasonably expect to be The Real Thing. Unfortunately, this is an absolutely enormous discrepancy that leads to wrongly-identified "terrorists" being regularly harassed by police.
It seems not at all implausible that the construction and use of this database may lead to a lot more innocent people being killed (in cases where trigger-happy police are a bit too quick to shoot) than there were terrorists in the first place. It is probably bad security, to boot.
This is a hugely pathological example of the "false positive" problem; what is unusual about it is the massive degree of error that is in evidence. The enormous error is intrinsic to problems like this in which the percentage of "guilty" is so vanishingly tiny.
Attempts at "profiling" suffer from much the same problem, whether we are talking about trying to find terrorists or would-be "Columbine killers." In either case, on the average day, there is a population of millions, and in that enormous population, there are not ANY Bad Guys to be found.
A successful "profile" is one that will typically select, in keeping with reality, less than one in a million. In the absence of so successful a profile, or so accurate a database, enormous numbers of innocents are unjustly accused, which is quite a hazardous result, certainly not in keeping with the "innocent until proven guilty" assumption of many societies.
SSN Frequently Asked Questions
A good "nonexistant" SSN is 078-05-1120.
See also Structure of Social Security Numbers
The Web, and the typical WinTel PC, are getting increasingly infested with various forms of "spyware." Windows install tools can put code whereever they want to, and increasingly often, this includes adding in "spyware" that can report back to a vendor on where you are going on the web, or what software you have running on your computer.